What makes this attack cool?
The purpose of this attack is to stress the authoritative DNS servers of the target domain (google.com), but each query is also forwarded to the ISP, which in turn resolves it using its DNS resolver, and that resolver can also crash under this attack.

Furthermore, this attack is not mitigated by most of the DNS servers out there.
What can you do? Blocking IPs that send too many failed DNS queries (responses of SERVFAIL) will do the trick. In addition, you can obviously increase the hardware resources of the DNS servers, or limit the number of concurrent requests, which will also temporarily bring the server down.
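
One way to implement the SERVFAIL-based blocking described above, as an added example that is not code from the original post. The log line format, the window length and the threshold are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10      # assumed sliding-window length
MAX_SERVFAIL = 5         # assumed per-client SERVFAIL budget inside the window

# Constructed sample log: "<epoch seconds> <client IP> <query name> <rcode>"
SAMPLE_LOG = "\n".join(
    [f"{1000 + i} 192.0.2.10 www.example.com NOERROR" for i in range(0, 20, 2)]
    + [f"{1000 + i} 198.51.100.7 r{i}.example.com SERVFAIL" for i in range(8)]
    + ["1003 192.0.2.10 typo.example.com SERVFAIL",
       "malformed line",
       "1030 203.0.113.5 a.example.com SERVFAIL",
       "1090 203.0.113.5 b.example.com SERVFAIL"]
)

def parse_line(line):
    """Return (timestamp, client, rcode), or None for lines that do not parse."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return float(parts[0]), parts[1], parts[3].upper()
    except ValueError:
        return None

def clients_to_block(log_text, window=WINDOW_SECONDS, limit=MAX_SERVFAIL):
    """Return {client: timestamp at which it first exceeded the SERVFAIL limit}."""
    recent = defaultdict(deque)   # client -> timestamps of SERVFAILs in the window
    blocked = {}
    records = sorted(r for r in map(parse_line, log_text.splitlines()) if r)
    for ts, client, rcode in records:
        if rcode != "SERVFAIL" or client in blocked:
            continue              # successful answers never count against a client
        q = recent[client]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) > limit:
            blocked[client] = ts
    return blocked

if __name__ == "__main__":
    for ip, ts in clients_to_block(SAMPLE_LOG).items():
        print(f"block {ip} (limit exceeded at t={ts:.0f})")
```

When many clients share one source address (for example behind NAT), a per-IP limit also affects the legitimate users behind it, so the threshold should be tuned against the normal SERVFAIL rate.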

In conclusion: this is a very simple yet effective attack that exploits the iterative and naive nature of the DNS protocol. DNS DDoS attacks are on the rise, as we witnessed when even large websites (Twitter, Spotify and others) were hit 6 months ago in the notorious attack against the DNS provider Dyn, which involved tens of millions of zombies controlled by multiple pieces of malware, including the famous Mirai bot (https://techcrunch.com/2016/10/21/many-sites-including-twitter-and-spotify-suffering-outage/).
We are sure to see more and more application-level DNS attacks in the future, as it is usually easier to bring down a DNS server than the web servers of very large websites.

Comsec Group Blog
